5 Features in Windows 8.1 That Make Mobility Manageable

Russell is a technology consultant and trainer specializing in management and security of Microsoft server and client technologies. He is a Microsoft Certified Systems Engineer with more than 10 years of experience.

Windows 8 brings a number of features to the table designed to improve life for users on the go, enabling them to work more easily than ever before when away from the office. Windows 8.1 adds some extra capabilities that could make the move to Windows 8 even more compelling for notebook and tablet users.

1. Mobile Broadband Management

Windows 8 makes it easier for users to connect to mobile broadband networks if they have an appropriately equipped ultrabook or tablet with a 3G/4G modem. Broadband networks are now integrated with wired LAN and wireless networks in the Networks pane, which can be accessed from the Settings icon on the Charms bar, allowing users to connect to different types of networks from one place.

Special software to access broadband networks shouldn’t be required, as all the necessary functionality to connect is now built in to Windows. When Airplane Mode is enabled, broadband antennas are switched off, along with Bluetooth and wireless receivers.

Broadband connections can be shared using mobile hotspots, which are an extension of the Internet Connection Sharing service found in earlier versions of Windows. Users who want to make use of a mobile hotspot can connect to it using Wi-Fi.

Remote access has also been improved in Windows 8.1 with auto-triggered VPNs, which automatically prompt users to sign in when an app requiring a connection starts, saving users the need to manually dial in to corporate networks. This feature is also accessible to third-party VPN clients.

2. Estimated Data Usage and Metered Connections

Estimated data usage is another neat feature, especially for mobile users who don’t have unlimited data plans. For each connection, when the user turns on estimated usage, Windows will display how much data has been transferred across the connection, enabling the user to estimate the cost involved. Data transfer for individual processes is also shown in Task Manager.

Networks can also be designated as “metered,” preventing processes such as Windows Update from downloading anything but critical security updates until connected to an unmetered network.

3. Open Mobile Device Management

Windows 8.1 includes support for Open MDM, allowing Windows to be managed natively for the first time without using Microsoft’s own technologies. MDM products, such as those from AirWatch and MobileIron, can now be used to manage Windows without installing a local client. Active Directory has always been limited in its client management capabilities, so this will be a welcome addition, especially for organizations that already have an investment in MDM.

4. Windows Intune

Users can enroll Windows 8.1–based devices into Windows Intune, giving IT administrators the ability to manage personal devices without installing a full management client. Windows RT 8.1 tablets have more Windows Intune management options, and Windows 8.1 PCs can be managed in the same way as other mobile devices.

5. Secure Access to Corporate Data

Workplace Join in Windows 8.1 allow users to register a personal device to access some corporate resources without joining it to a domain. Interestingly, Workplace Join also supports iOS devices on the client side. Three Windows Server 2012 R2 servers are needed:

A domain controller running certificate services

An Active Directory Federation Services server

An Internet Information Services server

Figure 2 – Setting up Work Folders in Windows 8.1

Work Folders is also new in Windows 8.1 and provides something similar to Microsoft’s SkyDrive consumer cloud storage service, letting users sync files to a personal device without being a member of the domain.

IT can enforce Dynamic Access Control policies, and perform a remote wipe using Exchange Active Sync or Open MDM. Data in Windows 8.1 can be designated as “user” or “corporate,” and Work Folders can be encrypted and wiped separately, sparing personal data.